Cybersecurity Architect
SCIENTEC CONSULTING PTE. LTD.
Employment Type: Contract (1-year renewable with opportunities for conversion)
Working Hours: Monday – Thursday (8.30am – 6.00pm), Friday (8.30am – 5.30pm) (Hybrid)
Working Location: One-North
Salary: Up to $10,000 + AWS
We are seeking an experienced Cybersecurity Architect to join our Governance, Risk & Compliance (GRC) team. In this role, you will be responsible for driving security architecture reviews across enterprise applications, networks, infrastructure, operating systems, databases, cloud platforms, and technology solutions to ensure cybersecurity is embedded by design.
You will work closely with application, infrastructure, network, database, cloud, and project teams to assess solution architectures, perform threat modelling, identify security risks, and define appropriate security controls throughout the system development and infrastructure lifecycle. As the cybersecurity subject matter expert, you will ensure solutions comply with organisational security standards, regulatory requirements, and industry best practices while balancing business objectives with security risks.
Key Responsibilities
Cybersecurity Architecture & Solution Review
- Conduct end-to-end security architecture reviews across enterprise applications, network infrastructure, operating systems, databases, cloud platforms, APIs, and technology solutions to ensure security-by-design principles are incorporated.
- Review solution architectures, application designs, network topology, infrastructure components, system interfaces, data flows, trust boundaries, ingress and egress points, and data classification to identify security risks and control gaps.
- Perform threat modelling, attack surface analysis, and security design assessments, recommending appropriate preventive, detective, and compensating controls.
- Develop and maintain security reference architectures, secure design patterns, architecture standards, and security baselines for cloud, hybrid, and on-premises environments.
- Evaluate enterprise security posture and recommend improvements to strengthen defence-in-depth, Zero Trust, identity security, network segmentation, encryption, and data protection capabilities.
- Ensure enterprise security technologies such as IAM, PAM, SIEM, EDR, DLP, WAF, network security, encryption, key management, and cloud security controls are appropriately designed and integrated within solution architectures.
Governance, Risk & Compliance
- Ensure security architectures comply with organisational cybersecurity policies, standards, regulatory requirements, and industry frameworks.
- Perform security risk assessments, recommend risk treatment plans, and evaluate security exceptions and risk acceptance requests.
- Develop and continuously enhance cybersecurity standards, architectural guidelines, and security governance documentation.
- Support internal and external audits by providing architecture reviews, security assessments, and evidence of implemented security controls.
- Monitor emerging cyber threats, vulnerabilities, regulatory developments, and industry best practices, recommending enhancements to strengthen the organisation's cybersecurity posture.
Project & Stakeholder Engagement
- Partner with application, infrastructure, network, database, cloud, and project teams to integrate security requirements throughout solution design, SDLC, cloud migration, and infrastructure implementation.
- Provide security architecture consultation during technology transformation, application modernisation, infrastructure upgrades, and cloud adoption initiatives.
- Collaborate with solution architects, engineers, project managers, and risk owners to remediate security findings and ensure compliance with enterprise security standards.
- Act as the cybersecurity architecture subject matter expert, providing practical security guidance while balancing business objectives, operational requirements, and cybersecurity risks.
Requirements
- Bachelor's Degree in Computer Science, Information Security, Cybersecurity, Information Systems, or a related discipline.
- Proven experience conducting enterprise security architecture reviews across multiple technology domains, including applications, networks, infrastructure, operating systems, databases, and cloud platforms.
- Strong understanding of enterprise architecture, secure system design, network security, application security, infrastructure security, cloud security, and database security principles.
- Hands-on knowledge of security technologies such as IAM, PAM, SIEM, EDR, DLP, WAF, encryption, PKI, network segmentation, firewalls, and Zero Trust architectures.
- Experience performing threat modelling, security risk assessments, and security design reviews for enterprise technology projects.
- Good understanding of security frameworks and standards such as ISO 27001, NIST CSF, CIS Controls, OWASP, MITRE ATT&CK, and security-by-design principles.
- Relevant cybersecurity certifications such as CISSP, SABSA, TOGAF, CCSP, or equivalent will be advantageous.
By submitting your resume, you consent to the collection, use, and disclosure of your personal information per ScienTec’s Privacy Policy (scientecconsulting.com/privacy-policy).
This authorizes us to:
- Contact you about potential opportunities.
- Delete personal data as it is not required at this application stage.
- All applications will be processed with strict confidence. Only shortlisted candidates will be contacted.
Wong Siew Ting (Maeve) - R25127375
ScienTec Consulting Pte Ltd - 11C5781